Compile payload
Compiling a payload on the local host that is going to be executed on a remote victim often comes with errors in the form of a version mismatch. Below is a quick way to solve it.
Debian-based (glibc)
Find information about the target.
aas@Leakage:/tmp$ cat /etc/os-release  | grep -i pretty
PRETTY_NAME="Ubuntu 18.04.3 LTS"
aas@Leakage:/tmp$ ls -al /lib/x86_64-linux-gnu/libc.so.6
lrwxrwxrwx 1 root root 12 Apr 16  2018 /lib/x86_64-linux-gnu/libc.so.6 -> libc-2.27.so
Create a Dockerfile with the same image or libc version.
Ubuntu images: https://hub.docker.com/_/ubuntu/tags
## Dockerfile
FROM ubuntu:18.04 as dev
## Install build-essential and copy files to container
RUN apt update && apt install -y build-essential
WORKDIR /src
COPY . /src/
## Build the binary
FROM dev as build
RUN CGO_ENABLED=0 gcc -o cve exploit.c
## Copy binary from container to host
FROM scratch as artifact
COPY --from=build /src/cve ./cve
FROM release
Build the payload using DOCKER_BUILDKIT
utv-kali :: /tmp/test » DOCKER_BUILDKIT=1 docker build --target artifact --output type=local,dest=. . --network=host
[+] Building 12.4s (11/11) FINISHED                                                                                                                           
 => [internal] load build definition from Dockerfile                                                                                                     0.0s
 => => transferring dockerfile: 460B                                                                                                                     0.0s
 => [internal] load .dockerignore                                                                                                                        0.0s
 => => transferring context: 2B                                                                                                                          0.0s
 => [internal] load metadata for docker.io/library/ubuntu:18.04                                                                                          0.5s
 => [internal] load build context                                                                                                                        0.0s
 => => transferring context: 483B                                                                                                                        0.0s
 => CACHED [dev 1/4] FROM docker.io/library/ubuntu:18.04@sha256:152dc042452c496007f07ca9127571cb9c29697f42acbfad72324b2bb2e43c98                         0.0s
 => [dev 2/4] RUN apt update && apt install -y build-essential                                                                                          11.8s
 => [dev 3/4] WORKDIR /src                                                                                                                               0.0s 
 => [dev 4/4] COPY . /src/                                                                                                                               0.0s 
 => [build 1/1] RUN CGO_ENABLED=0 gcc -o cve exploit.c                                                                                                   0.1s 
 => [artifact 1/1] COPY --from=build /src/cve ./cve                                                                                                      0.0s 
 => exporting to client                                                                                                                                  0.0s 
 => => copying files 13.16kB                                                                                                                             0.0s
 
utv-kali :: /tmp/test » ls -al
total 28
drwxrwxr-x  2 void void   100 Nov  2 14:22 .
drwxrwxrwt 39 root root   860 Nov  2 15:55 ..
-rw-rw-r--  1 void void   342 Nov  2 14:17 Dockerfile
-rwxr-xr-x  1 void void 13136 Nov  2 14:03 cve
-rw-rw-r--  1 void void  6312 Nov  2 13:08 exploit.c
Alpine-based (libc.musl)
Useful images: https://hub.docker.com/r/frolvlad/alpine-glibc/tags
## Dockerfile
FROM frolvlad/alpine-glibc:glibc-2.27 as dev
## Install build-base and copy files to container
RUN apk add build-base
WORKDIR /src
COPY . /src/
## Build the binary
FROM dev as build
RUN CGO_ENABLED=0 gcc -o cve exploit.c
## Copy binary from container to host
FROM scratch as artifact
COPY --from=build /src/cve ./cve
FROM release
Build the payload with the same commands as in the above example.
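To confirm that a build matches the target, compare the glibc symbol versions the binary requires with the target's libc version (2.27 in the Debian-based example above). The script below is an added example, not part of the original page; the function names and the sample `objdump -T` lines are constructed for illustration.

```shell
#!/bin/sh
# Highest GLIBC_x.y[.z] version named in `objdump -T` output read from stdin.
# Prints nothing when no versioned glibc symbol is present (e.g. a static binary).
max_glibc_required() {
    grep -o 'GLIBC_[0-9][0-9.]*' | sed 's/^GLIBC_//' | awk -F. '
        { key = $1 * 1000000 + $2 * 1000 + $3
          if (key > best) { best = key; ver = $0 } }
        END { if (ver != "") print ver }'
}

# Succeeds when dotted version $1 is less than or equal to $2.
version_le() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        split(a, x, "."); split(b, y, ".")
        ka = x[1] * 1000000 + x[2] * 1000 + x[3]
        kb = y[1] * 1000000 + y[2] * 1000 + y[3]
        exit !(ka <= kb) }'
}

# usage: objdump -T ./cve | check_compat 2.27
check_compat() {
    need=$(max_glibc_required)
    [ -n "$need" ] || { echo "no versioned glibc symbols found"; return 0; }
    if version_le "$need" "$1"; then
        echo "ok: binary needs GLIBC_$need, target has $1"
    else
        echo "mismatch: binary needs GLIBC_$need, target has $1"; return 1
    fi
}

# Constructed sample: dynamic symbols of a binary built on a newer host.
sample_host_build() {
    cat <<'EOF'
0000000000000000      DF *UND*  0000000000000000 (GLIBC_2.2.5) puts
0000000000000000      DF *UND*  0000000000000000 (GLIBC_2.34) __libc_start_main
EOF
}

# Constructed sample: the same program built in the ubuntu:18.04 container.
sample_container_build() {
    cat <<'EOF'
0000000000000000      DF *UND*  0000000000000000  GLIBC_2.2.5 puts
0000000000000000      DF *UND*  0000000000000000  GLIBC_2.2.5 __libc_start_main
EOF
}

sample_host_build | check_compat 2.27 || true   # reports a mismatch
sample_container_build | check_compat 2.27      # reports ok
```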